route: RTM_MISS now puts the message source address in RTA_AUTHOR
route(8) also reports this. A userland app could use this to blacklist nodes who probe for machines that doesn't exist on a subnet / prefix.
This commit is contained in:
roy
parent
ee43138c68
commit
5ff17943ef
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: route.h,v 1.126 2020/02/08 14:17:30 roy Exp $ */
|
||||
/* $NetBSD: route.h,v 1.127 2020/03/09 21:20:55 roy Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1980, 1986, 1993
|
||||
@ -543,8 +543,8 @@ void rt_addrmsg_rt(int, struct ifaddr *, int, struct rtentry *);
|
||||
void route_enqueue(struct mbuf *, int);
|
||||
|
||||
struct llentry;
|
||||
void rt_clonedmsg(int, const struct sockaddr *, const uint8_t *,
|
||||
const struct ifnet *);
|
||||
void rt_clonedmsg(int, const struct sockaddr *, const struct sockaddr *,
|
||||
const uint8_t *, const struct ifnet *);
|
||||
|
||||
void rt_setmetrics(void *, struct rtentry *);
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: rtsock.c,v 1.254 2020/02/03 20:34:13 roy Exp $ */
|
||||
/* $NetBSD: rtsock.c,v 1.255 2020/03/09 21:20:55 roy Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
@ -61,7 +61,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: rtsock.c,v 1.254 2020/02/03 20:34:13 roy Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: rtsock.c,v 1.255 2020/03/09 21:20:55 roy Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_inet.h"
|
||||
@ -145,8 +145,8 @@ if_addrflags(struct ifaddr *ifa)
|
||||
* Send a routing message as mimicing that a cloned route is added.
|
||||
*/
|
||||
void
|
||||
rt_clonedmsg(int type, const struct sockaddr *dst, const uint8_t *lladdr,
|
||||
const struct ifnet *ifp)
|
||||
rt_clonedmsg(int type, const struct sockaddr *src, const struct sockaddr *dst,
|
||||
const uint8_t *lladdr, const struct ifnet *ifp)
|
||||
{
|
||||
struct rt_addrinfo info;
|
||||
/* Mimic flags exactly */
|
||||
@ -164,6 +164,7 @@ rt_clonedmsg(int type, const struct sockaddr *dst, const uint8_t *lladdr,
|
||||
if (type == RTM_ADD || type == RTM_CHANGE)
|
||||
flags |= RTF_UP;
|
||||
memset(&info, 0, sizeof(info));
|
||||
info.rti_info[RTAX_AUTHOR] = src;
|
||||
info.rti_info[RTAX_DST] = dst;
|
||||
sockaddr_dl_init(&u.sdl, sizeof(u.ss), ifp->if_index, ifp->if_type,
|
||||
NULL, 0, lladdr, ifp->if_addrlen);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: icmp6.h,v 1.52 2018/08/22 01:05:24 msaitoh Exp $ */
|
||||
/* $NetBSD: icmp6.h,v 1.53 2020/03/09 21:20:55 roy Exp $ */
|
||||
/* $KAME: icmp6.h,v 1.84 2003/04/23 10:26:51 itojun Exp $ */
|
||||
|
||||
|
||||
@ -643,7 +643,8 @@ struct rtentry;
|
||||
void icmp6_init(void);
|
||||
void icmp6_paramerror(struct mbuf *, int);
|
||||
void icmp6_error(struct mbuf *, int, int, int);
|
||||
void icmp6_error2(struct mbuf *, int, int, int, struct ifnet *);
|
||||
void icmp6_error2(struct mbuf *, int, int, int, struct ifnet *,
|
||||
struct in6_addr *);
|
||||
int icmp6_input(struct mbuf **, int *, int);
|
||||
void icmp6_fasttimo(void);
|
||||
void icmp6_prepare(struct mbuf *);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: if_arp.c,v 1.293 2020/03/09 17:57:19 roy Exp $ */
|
||||
/* $NetBSD: if_arp.c,v 1.294 2020/03/09 21:20:55 roy Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
|
||||
@ -68,7 +68,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.293 2020/03/09 17:57:19 roy Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: if_arp.c,v 1.294 2020/03/09 21:20:55 roy Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_ddb.h"
|
||||
@ -309,20 +309,31 @@ arptimer(void *arg)
|
||||
if (lle->la_flags & LLE_LINKED) {
|
||||
int rt_cmd;
|
||||
struct in_addr *in;
|
||||
struct sockaddr_in sin;
|
||||
struct sockaddr_in dsin, ssin;
|
||||
struct sockaddr *sa;
|
||||
const char *lladdr;
|
||||
size_t pkts_dropped;
|
||||
|
||||
in = &lle->r_l3addr.addr4;
|
||||
sockaddr_in_init(&sin, in, 0);
|
||||
sockaddr_in_init(&dsin, in, 0);
|
||||
if (lle->la_flags & LLE_VALID) {
|
||||
rt_cmd = RTM_DELETE;
|
||||
sa = NULL;
|
||||
lladdr = (const char *)&lle->ll_addr;
|
||||
} else {
|
||||
if (lle->la_hold != NULL) {
|
||||
struct mbuf *m = lle->la_hold;
|
||||
const struct ip *ip = mtod(m, const struct ip *);
|
||||
|
||||
sockaddr_in_init(&ssin, &ip->ip_src, 0);
|
||||
sa = sintosa(&ssin);
|
||||
} else
|
||||
sa = NULL;
|
||||
rt_cmd = RTM_MISS;
|
||||
lladdr = NULL;
|
||||
|
||||
}
|
||||
rt_clonedmsg(rt_cmd, sintosa(&sin), lladdr, ifp);
|
||||
rt_clonedmsg(rt_cmd, sa, sintosa(&dsin), lladdr, ifp);
|
||||
|
||||
LLE_REMREF(lle);
|
||||
pkts_dropped = llentry_free(lle);
|
||||
@ -834,8 +845,14 @@ notfound:
|
||||
la->la_asked++;
|
||||
|
||||
sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
|
||||
if (error != EWOULDBLOCK)
|
||||
rt_clonedmsg(RTM_MISS, sintosa(&sin), NULL, ifp);
|
||||
if (error != EWOULDBLOCK) {
|
||||
const struct ip *ip = mtod(m, const struct ip *);
|
||||
struct sockaddr_in ssin;
|
||||
|
||||
sockaddr_in_init(&ssin, &ip->ip_src, 0);
|
||||
rt_clonedmsg(RTM_MISS, sintosa(&ssin), sintosa(&sin),
|
||||
NULL, ifp);
|
||||
}
|
||||
|
||||
LLE_WUNLOCK(la);
|
||||
|
||||
@ -1236,7 +1253,7 @@ again:
|
||||
struct sockaddr_in sin;
|
||||
|
||||
sockaddr_in_init(&sin, &la->r_l3addr.addr4, 0);
|
||||
rt_clonedmsg(rt_cmd, sintosa(&sin), ar_sha(ah), ifp);
|
||||
rt_clonedmsg(rt_cmd, NULL, sintosa(&sin), ar_sha(ah), ifp);
|
||||
}
|
||||
|
||||
if (la->la_hold != NULL) {
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: icmp6.c,v 1.243 2019/10/06 02:30:58 uwe Exp $ */
|
||||
/* $NetBSD: icmp6.c,v 1.244 2020/03/09 21:20:56 roy Exp $ */
|
||||
/* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */
|
||||
|
||||
/*
|
||||
@ -62,7 +62,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.243 2019/10/06 02:30:58 uwe Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.244 2020/03/09 21:20:56 roy Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_inet.h"
|
||||
@ -285,7 +285,7 @@ icmp6_mtudisc_callback_register(void (*func)(struct in6_addr *))
|
||||
*/
|
||||
void
|
||||
icmp6_error2(struct mbuf *m, int type, int code, int param,
|
||||
struct ifnet *ifp)
|
||||
struct ifnet *ifp, struct in6_addr *src)
|
||||
{
|
||||
struct ip6_hdr *ip6;
|
||||
|
||||
@ -304,6 +304,7 @@ icmp6_error2(struct mbuf *m, int type, int code, int param,
|
||||
if (in6_setscope(&ip6->ip6_dst, ifp, NULL) != 0)
|
||||
goto out;
|
||||
|
||||
*src = ip6->ip6_src;
|
||||
icmp6_error(m, type, code, param);
|
||||
return;
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: nd6.c,v 1.266 2020/01/20 18:38:22 thorpej Exp $ */
|
||||
/* $NetBSD: nd6.c,v 1.267 2020/03/09 21:20:56 roy Exp $ */
|
||||
/* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */
|
||||
|
||||
/*
|
||||
@ -31,7 +31,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.266 2020/01/20 18:38:22 thorpej Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.267 2020/03/09 21:20:56 roy Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_net_mpsafe.h"
|
||||
@ -458,9 +458,11 @@ nd6_llinfo_timer(void *arg)
|
||||
struct ifnet *ifp;
|
||||
struct nd_ifinfo *ndi = NULL;
|
||||
bool send_ns = false;
|
||||
struct in6_addr mdaddr6 = zeroin6_addr;
|
||||
const struct in6_addr *daddr6 = NULL;
|
||||
const struct in6_addr *taddr6 = &ln->r_l3addr.addr6;
|
||||
struct sockaddr_in6 sin6;
|
||||
struct sockaddr_in6 dsin6, tsin6;
|
||||
struct sockaddr *sa;
|
||||
|
||||
SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE();
|
||||
|
||||
@ -503,11 +505,17 @@ nd6_llinfo_timer(void *arg)
|
||||
clear_llinfo_pqueue(ln);
|
||||
|
||||
icmp6_error2(m, ICMP6_DST_UNREACH,
|
||||
ICMP6_DST_UNREACH_ADDR, 0, ifp);
|
||||
ICMP6_DST_UNREACH_ADDR, 0, ifp, &mdaddr6);
|
||||
}
|
||||
|
||||
sockaddr_in6_init(&sin6, taddr6, 0, 0, 0);
|
||||
rt_clonedmsg(RTM_MISS, sin6tosa(&sin6), NULL, ifp);
|
||||
sockaddr_in6_init(&tsin6, taddr6, 0, 0, 0);
|
||||
if (!IN6_IS_ADDR_UNSPECIFIED(&mdaddr6)) {
|
||||
sockaddr_in6_init(&dsin6, &mdaddr6, 0, 0, 0);
|
||||
sa = sin6tosa(&dsin6);
|
||||
} else
|
||||
sa = NULL;
|
||||
|
||||
rt_clonedmsg(RTM_MISS, sa, sin6tosa(&tsin6), NULL, ifp);
|
||||
|
||||
/*
|
||||
* Move to the ND6_LLINFO_WAITDELETE state for another
|
||||
@ -1304,7 +1312,7 @@ nd6_free(struct llentry *ln, int gc)
|
||||
sockaddr_in6_init(&sin6, in6, 0, 0, 0);
|
||||
lladdr = ln->la_flags & LLE_VALID ?
|
||||
(const char *)&ln->ll_addr : NULL;
|
||||
rt_clonedmsg(RTM_DELETE, sin6tosa(&sin6), lladdr, ifp);
|
||||
rt_clonedmsg(RTM_DELETE, NULL, sin6tosa(&sin6), lladdr, ifp);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -2245,7 +2253,7 @@ nd6_cache_lladdr(
|
||||
|
||||
sockaddr_in6_init(&sin6, from, 0, 0, 0);
|
||||
rt_clonedmsg(is_newentry ? RTM_ADD : RTM_CHANGE,
|
||||
sin6tosa(&sin6), lladdr, ifp);
|
||||
NULL, sin6tosa(&sin6), lladdr, ifp);
|
||||
}
|
||||
|
||||
if (ln != NULL) {
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: nd6_nbr.c,v 1.176 2020/01/20 18:38:22 thorpej Exp $ */
|
||||
/* $NetBSD: nd6_nbr.c,v 1.177 2020/03/09 21:20:56 roy Exp $ */
|
||||
/* $KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $ */
|
||||
|
||||
/*
|
||||
@ -31,7 +31,7 @@
|
||||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.176 2020/01/20 18:38:22 thorpej Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.177 2020/03/09 21:20:56 roy Exp $");
|
||||
|
||||
#ifdef _KERNEL_OPT
|
||||
#include "opt_inet.h"
|
||||
@ -887,7 +887,7 @@ nd6_na_input(struct mbuf *m, int off, int icmp6len)
|
||||
struct sockaddr_in6 sin6;
|
||||
|
||||
sockaddr_in6_init(&sin6, &ln->r_l3addr.addr6, 0, 0, 0);
|
||||
rt_clonedmsg(rt_cmd, sin6tosa(&sin6),
|
||||
rt_clonedmsg(rt_cmd, sin6tosa(&ssin6), sin6tosa(&sin6),
|
||||
(char *)&ln->ll_addr, ln->lle_tbl->llt_ifp);
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user